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DETAILED ACTION 

1 . A request for continued examination under 37 CFR 1.114, including tlie fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on May, 19 
2008 has been entered. Claims 1, 9, 12, 16, have been amended. Claims 1-22 are 
pending and have been considered below. 



Claim Rejections - 35 USC §112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification sliall conclude witli one or more claims particularly pointing out and distinctly 
claiming the subject matter, which the applicant regards as his invention. 

3. Claim 3 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. The claim recites the limitation of "sending the access key 
and the identification information to the proxy server". It is unclear to the examiner, if 
the identification information is the received proxy server identification or different 
identification information. For examination purpose only, the examiner will interpret the 
claim as "sending the access key and a first control identification information to the 
proxy server" Appropriate correction is required. 
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Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1 , 6, 1 6 and 20-21 are rejected under 35 U.S.C. 1 02(e) as being 
anticipated by Grantges, Jr. at al (US 6,510,464). 

Claim 1: Grantges. Jr. et al discloses a method for controlling a network 
remotely, comprising: 

i. Configuring a first control unit inside a first firewall to control the 
network(Firewall system 32 is configured to examine all messages 
destined for, or exiting from, the private, secure network, and to block 
those that do not meet predetermined security criteria) (column 5, lines 
40-57); 

ii. Configuring a proxy server outside the first firewall (Proxy server 34 
is disposed on the insecure public network side of firewall system 32, in a 
so-called Demilitarized Zone (DMZ). A DMZ is located between the 
insecure) (column 5, lines 58-67); and 

ill. Establishing a session between the first control unit and the proxy 
server (gateway 38 includes gateway proxy server 40 and gateway web 
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server 44. Gateway proxy server 40 is configured to establish second 
secure connection 54 across firewall system 32 with DMZ proxy server 34) 
(column 6, lines 37-67), wherein establisliing tine session is executed 
using an access l<ey (further messages between client computer 22 and 

DMZ proxy server 34 are encrypted in accordance with a session l<ey 
icnown to both client computer 22 and DMZ proxy 34) (column 8, lines 40- 
55). 

.Claim 6: Grantqes. Jr. et al discloses a communications metliod as in claim 1 
above, and Grantqes. Jr. et al further discloses wherein configuring the proxy 
server includes: 

i. Receiving the first control unit identification information {column 6, 
lines 3-13); 

11. Storing the first control unit identification information in the proxy 
server (column 6, lines 10-35); 

ill. Adding the first control unit as a first remote device {column 6, lines 
3-30); and 

iv. Exchanging a validation message between the first control unit and 

the proxy server {column 6, lines 3-30). 
Claims 16 and 21: Grantqes. Jr. et al discloses a system and a method 
communications system, comprising: 

i. A first console residing within an unprotected public network and 

configured to generate at least one console request message(co/t//77A7 10, 
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lines 32-55), the console request message including at least one of a 
request for network management data, a request for Internet Protocol (IP)- 
Private Branch Exchange (PBX), or a request for status 
information(co/umn 10, lines 45-57); 

ii. A proxy server coupled to the first console(F/G. 1), the proxy server 
configured to pool the at least one request, and to provide access from at 
least one console to the first control unit, the proxy server being 
implemented within a De-Militarized Zone (DMZ) between a protected 
network and the unprotected public network {column 4, lines 1-25; Fig. 1) ; 

iii. A first firewall coupled to the proxy server {Fig. 1); and 

iv. A first control unit residing within the protected network and coupled 
to the first firewall, the first control unit configured to receive the at least 
one request from the proxy server, the first control unit further configured 
to output at least one response corresponding to the at least one request 
to the proxy server, the proxy server configured to output the at least one 
response to the first console {column 4, lines 1-20, column 5, line 40 to 
column 6, line 67). 

Claim 20: Grantqes, Jr. et al discloses a system as in claim 16 above, but does 
not explicitly discloses wherein the proxy server includes processor- executable 
code, the code performing the steps of: 

receiving a client request from the first console {Fig. 2); 
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writing the at least one request {column 4, lines 1-20, column 5, line 40 to 
column 6, line 67); 

reading tine at least one request column 4, lines 1-20, column 5, line 40 to 
column 6, line 67); 

sending the at least one request to the first control unit column 4, lines 1- 
20, column 5, line 40 to column 6, line 67); 

receiving the at least one response column 4, lines 1-20, column 5, line 40 
to column 6, line 67); and 

outputting the at least one response to the first console {column 4, lines 1- 
20, column 5, line 40 to column 6, line 67)). 



Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

a. A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be patented 
and the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary sl^ill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 2-5, 7-1 1 and 1 7-1 8 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Grantqes. Jr. et al (US 6,510,464) in view of Xu et al (US 7,257,837). 

Claim 2. Grantges. Jr. et al discloses a communications method as in claim 1 
above, but does not explicitly discloses a second control unit inside a second 
firewall, the proxy server being outside the second firewall. However, Xu et al 
discloses a firewall penetration system for real time media communications. 
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which further discloses that the method further comprising configuring a second 
control unit inside a second firewall, the proxy server being outside the second 
firewall (Fig. 1). Therefore, it would have been obvious to one of ordinary skill in 
the art at the time the invention was made to modify the teaching of Grantqes. Jr. 
et a! such as to Include a second firewall. One would have been motivated to do 
so in order to establish and maintain real time media communication channels 
through firewall as taught by Xu et al (column 1 , lines 5-10). 
Claim 3: Grantqes. Jr. et al discloses a communications method as in claim 1 
above, but does not explicitly discloses a second control unit Inside a second 
firewall, the proxy server being outside the second firewall. However, Xu et al 
discloses a firewall penetration system for real time media communications, 
which further discloses wherein configuring the first control unit includes: 
receiving the proxy server Identification information; generating an access key in 
the first control unit; and sending the access key and the identification 
information to the proxy server. However, Xu et al discloses a firewall 
penetration system for real time media communications, which further discloses 
wherein configuring the first control unit includes: receiving the proxy server 
Identification information; generating an access key in the first control unit; and 
sending the access key and the identification information to the proxy server 
(column 4, lines24-67). Therefore, it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to modify the teaching of 
Grantqes. Jr. et al such as to include a second firewall. One would have been 
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motivated to do so in order to establish and maintain real time media 
communication channels through firewall as taught by Xu et al (column 1 , lines 5- 
10). 

Claim 5: Grantqes. Jr. et al and Xu et al disclose a communications method as in 
claim 3 above, and Xu et al further discloses wherein receiving the proxy server 
identification information includes inquiring the proxy server from the first control 
unit to obtain the proxy server IP address (column 4, lines24-67). Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the teaching of Grantqes. Jr. et al such as to 
include a second firewall. One would have been motivated to do so in order to 
establish and maintain real time media communication channels through firewall 
as taught bv Xu et al (column 1, lines 5-10). 

Claim 7: Grantqes. Jr. et al discloses a communications method as in claim 1 
above, but does not explicitly discloses wherein establishing a session between 
the first control unit and the proxy server includes coupling through a second 
firewall, the proxy server being inside the second firewall. However, Xu et al 
discloses a firewall penetration system for real time media communications, 
which further wherein establishing a session between the first control unit and the 
proxy server includes coupling through a second firewall, the proxy server being 
inside the second firewall (column 4, lines 24-67). Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
modify the teaching of Grantqes. Jr. et al such as to include a second firewall. 
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One would have been motivated to do so in order to establisli and maintain real 
time media communication channels through firewall as taught by Xu et al 
(column 1, lines 5-10). 

Claim 8: Grantqes. Jr. et al and Xu et al disclose a communications method as in 
claim 7 above, and Xu et al further discloses connecting between the proxy 
server and a console, the console being inside the second firewall, the 
connecting using an IP address facing inside the second firewall (column 4, lines 
24-67; Fig. 5). Therefore, it would have been obvious to one of ordinary skill in 
the art at the time the invention was made to modify the teaching of Grantqes. Jr. 
et al such as to include a second firewall. One would have been motivated to do 
so in order to establish and maintain real time media communication channels 
through firewall as taught by Xu et al (column 1 , lines 5-10). 
Claim 9: Grantqes, Jr. et al discloses a communications system, comprising: 

i. A first enterprise network {Fig. 1); 

ii. A first control unit coupled to the first enterprise network (Fig. 
1 items 38); 

ill. A first firewall coupled to the first control unit(F/gf. 1, item 32); 
iv. A public network {Fig 1, item 26); and 

V. A proxy server located outside the first fire wall and implemented 
within a De-Militarized Zone (DMZ) between the first enterprise network 
and the public network, coupled to the public ne\sNork(Proxy server 34 is 
disposed on the insecure public network side of firewall system 32, in a 
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so-called Demilitarized Zone (DMZ). A DMZ is located between tiie 
insecure) (column 5, lines 58-67), the first control unit being configured 
with proxy server information, the proxy server being configured with first 
control unit information, the first control unit being further configured to 
send a first access key to the proxy server, the first control unit and the 
proxy server configured to establish a communication session based on 
the first access key (further messages between client computer 22 and 
DMZ proxy server 34 are encrypted in accordance with a session key 
known to both client computer 22 and DMZ proxy 34) (column 6, lines 37- 
67;column 8, lines 40-55)., the proxy server to aggregate and store 
performance data provided by the first control unit (column 6, lines 12-35). 
however, does not explicitly disclose that the first control unit being configured 
with proxy server information, the proxy server being configured with first control 
unit information, the first control unit being further configured to send a first 
access key to the proxy server. However, Xu et al discloses a firewall 
penetration system for real time media communications, which further discloses 
that the first control unit being configured with proxy server information, the proxy 
server being configured with first control unit information, the first control unit 
being further configured to send a first access key to the proxy server (See Fig. 
5a, 5b). Therefore, it would have been obvious to one of ordinary skill in the art 
at the time the invention was made to modify the teaching of Grantqes. Jr. et al 
such as to configure the server and a firewall control unit with each other 
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information. One would have been motivated to do so in order to establish and 
maintain real time media communication channels through firewall as taught by 
Xu et al (column 1 , lines 5-1 0). 

Claims 4 and 10: Grantqes. Jr. et al and Xu et al disclose a communications 
system and method as in claims 3 and 9 above, and Xu et al further discloses 
wherein receiving the proxy server information includes a proxy server host 
name, a proxy server IP address, and a proxy server port number {column 2, 
lines 45-67). Therefore, it would have been obvious to one of ordinary skill in the 
art at the time the invention was made to modify the teaching of Grantges, Jr. et 
al such as to include a proxy server host name, a proxy server IP address, and a 
proxy server port number. One would have been motivated to do so in order to 
establish and maintain real time media communication channels through firewall 
as taught by Xu et al (column 1 , lines 5-1 0). 

Claims 11 and 18: Grantaes. Jr. et al and Xu et al disclose a communications 
system as in claims 9 and 16 above, and Xu et al further discloses that the 
system further comprising: 

i. A second firewall coupled to the public network (Fig 1 ); 

ii. A second control unit coupled to the second firewall (Fig. 1 ); and 

iii. A second enterprise network coupled to the second control unit, the 
second control unit being configured with proxy server information, the 
proxy server being configured with second control unit information, the 
second control unit being further configured to send a second access key 
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to the proxy server, the second control unit and the proxy server 
configured to establish a communication session based on the second 
access key {column 4, line 16 to column 5, line 45; Fig. 1). 
Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the teaching of Grantges. Jr. et al such as 
to include and configure a second firewall. One would have been motivated to do 
so in order to establish and maintain real time media communication channels 
through firewall as taught by Xu et al (column 1 , lines 5-10). 
Claim 17: Grantges. Jr. et al discloses a communications system as in claim 16 
above, but does not explicitly discloses a second console coupled to the proxy 
server, the second console configured to generate at least one other request, the 
proxy server configured to pool the at least one other request(Fig. 1 ). However, 
Xu et al discloses a firewall penetration system for real time media 
communications, which further discloses a second console coupled to the proxy 
server, the second console configured to generate at least one other request, the 
proxy server configured to pool the at least one other request(Fig. 1). Therefore, 
it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the teaching of Grantges, Jr. et al such as to 
include a second console. One would have been motivated to do so in order to 
establish and maintain real time media communication channels through firewall 
as taught bv Xu et al (column 1, lines 5-10). 
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8. Claims 12 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Grantqes. Jr. et al (US 6,510,464) in view of Beurket et al (US 6,360,273). 

Claim 12. Grantqes. Jr. et al discloses a communication system, comprising: 

i. A first enterprise networkfF/gf. 1); 

ii. A first control unit coupled to the first enterprise network {Fig. 1, 
item 38); 

iii. A first firewall coupled to the first control unit(F/gf. 1, item 32); 

iv. A public network {Fig. 1, item 26); and 

V. A proxy server that includes at least one of a client request handler, 
a shared request object pool, or a server request handler, the proxy server 
being implemented within a De- Militarized Zone (DMZ) between the first 
enterprise network and the public network. (Proxy server 34 is disposed 
on the insecure public network side of firewall system 32, in a so-called 
Demilitarized Zone (DMZ). A DMZ is located between the insecure) 
(column 5, lines 58-67). 
However, does not explicitly discloses that a proxy server that includes at least 
one of a client request handler, a shared request. However, Beurket et al 
discloses system for collaborative transformation, which further discloses that 
proxy server that includes at least one of a client request handler, a shared 
request object pool, or a server request handler (Fig. 2, item 230). Therefore, it 
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would have been obvious to one of ordinary sl<ill in tlie art at tlie time tlie 
invention was made to modify the teaching of Grantges, Jr. et a! such as to 
include at least one of a client request handler, a shared request object pool, or a 
server request handler in the proxy server. One would have been motivated to do 
so in order to enable authentication between entities in communication. 
Claim 13: Grantges. Jr. et al and Beurket et al disclose a communication system 
as in claim 12 above, and Grantges. Jr. et al further discloses wherein the proxy 
server is configured to receive first control unit identification information, store the 
first control unit identification information in the proxy server, add the first control 
unit as a first remote device, and exchange a validation message between the 
first control unit and the proxy server (column 6, lines 12-35). 

9. Claims 14 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Grantges. Jr. et al (US 6,51 0,464) in view of Beurket et al (US 6,360,273) and Xu 
et al (US 7,257,837).. 

Claim 14: Grantges. Jr. et al and Beurket et al disclose a communication system 
as in claim 13 above, while neither of them explicitly discloses a that the system 
further discloses a second firewall, a second control unit and a second enterpnse 
network, However, Xu et al discloses a firewall penetration system for real time 
media communications, which further discloses that the system further 
comprising: 

i. A second firewall coupled to the public network (Fig. 1 ) 
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ii. A second control unit coupled to the second firewall (Fig, 1 ); and 
ill. A second enterprise network coupled to the second control unit, the 
second control unit configured to receive proxy server identification 
information, generate a access key in the first control unit, and send the 
access key and the identification information to the proxy server(co/umn 4, 
line 16 to column 5, line 45; Fig. 1). 
Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the teaching of Grantqes. Jr. et al such as 
to include second firewall, a second control unit and a second enterprise 
network. One would have been motivated to do so in order to enable 
authentication between entities in communication. 
Claim 15: Grantqes. Jr. et al . Beurket et al and Xu et al disclose a 
communication system as In claim 14 above, and Xu et al further discloses 
wherein the proxy server is configured to receive second control unit 
identification information, store the second control unit identification information 
in the proxy server, add the second control unit as a second remote device, and 
exchange a validation message between the second control unit and the proxy 
server (column 10 line 1 1 column 1 1 , line 50). Therefore, It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
modify the teaching of Grantqes. Jr. et al such as to include second firewall, a 
second control unit and a second enterprise network. One would have been 
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motivated to do so in order to enable authentication between entities in 
communication. 



10. Claims 19-20 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Grantqes, Jr. et a! (US 6,51 0,464) in view of Devine et a! (US 6,968,571 ). 

Claims 19 and 22: Grantqes. Jr. et al discloses a system and method as In 
claims 16 and 21 above, but does not explicitly discloses wherein the proxy 
server includes: a client request, a shared request object pool, a server request 
handler, and a shared request object pool. However Devine et al discloses a 
secure customer interface for web based data management, which further 
discloses 

i. A client request handler for receiving a client request from the first 

console {column 18, lines 59-67); 

ii. A shared request object pool coupled to the client request handler, 
the shared request object pool configured to store the at least one request 
{column 21, lines 1-15); and 

III. A server request handler coupled to the shared request object 
poo\(column 21, lines 13-35), the server request handler configured to 
read the at least one request from the shared request object pool, the 
server request handler configured to send the at least one request to the 
first control unit, the server request handler configured to receive the at 
least one response, the server request handler configured to output the at 
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least one response to the first console(co/t/mn 18, line 59 to column 19 , 
line 20). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the teaching of Grantqes. Jr. et al such as 
to include in the proxy server includes: a client request, a shared request object 
pool, a server request handler, and a shared request object pool. One would 
have been motivated to do so in order to provide a security methodology for 
connecting users to an enterprise network or extranet over the public Internet as 
taught by Devine et al (column 1 , lines 20-25). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fatoumata Traore whose telephone number is (571) 
270-1685. The examiner can normally be reached Monday through Thursday from 7:00 
a.m. to 4:00 p.m. and every other Friday from 7:30 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nassar G. Moazzami, can be reached on (571) 272 4195. The fax phone 
number for Formal or Official faxes to Technology Center 2100 is (571 ) 273-8300. Draft 
or Informal faxes, which will not be entered in the application, may be submitted directly 
to the examiner at (571) 270-2685. 
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Any inquiry of a general nature or relating to tlie status of tliis application or 
proceeding should be directed to the Group Receptionist whose telephone number is 
(571)272-2100. 

FT 

Friday, August 1 , 2008 



/Nasser G Moazzami/ 

Supervisory Patent Examiner, Art Unit 2136 



